Welcome to the official Splunk repository containing Ansible playbooks for configuring and managing Splunk Enterprise and Universal Forwarder deployments. This repository contains plays that target all Splunk Enterprise roles and deployment topologies that work on any Linux-based platform.
Splunk-Ansible is currently being used by Docker-Splunk, the official Splunk Docker image project.
Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results.
See Splunk Products for more information about the features and capabilities of Splunk products and how you can bring them into your organization.
The Splunk-Ansible project is a collection of Splunk configuration best practices, written as Ansible scripts. These scripts, called playbooks, can be used for configuring Splunk Enterprise and Universal Forwarder instances based on a declarative configuration.
The playbooks in this codebase are internally-vetted procedures and operations that administer and manage Splunk as done within the company. Use Splunk-Ansible to manage Splunk Enterprise and Splunk Universal Forwarder instances in a manner consistent with industry standards, such as infrastructure automation and infrastructure-as-code.
Visit the Splunk-Ansible documentation page for full usage instructions, including installation, tutorials, and examples.
See the Ansible User Guide for more details on Ansible concepts and how it works.
Use the GitHub issue tracker to submit bugs or request features.
If you have questions or need support, you can:
We welcome feedback and contributions from the community! See the contribution guidelines for more information on how to get involved.
Copyright 2018-2020 Splunk.
Distributed under the terms of our license, Splunk-Ansible is a free and open-source software.